Fortinet announced FortiRecon, a complete offering of Digital Risk Protection Services (DRPS) that leverages a combination of machine learning, automation capabilities, and cybersecurity experts from FortiGuard Labs.
The result is a solution designed to manage a company’s risk exposure and recommends meaningful measures to protect its brand reputation, assets, and data.
Overall, FortiRecon provides a triple offering of outside-in coverage across External Attack Surface Management (EASM), Brand Protection (BP), and Adversary-Centric Intelligence (ACI) to counter attacks in the reconnaissance phase, the stage of a cyber attack, to reduce the risk, time and cost of mitigating the threat at a later stage.
According to Fortinet, a cybercriminal’s primary goal is to gather as much information as possible about his target before attacking an organization. This phase of early exploration arms the adversary with everything they need to determine if and how they would exploit an organization.
They test a company’s defense and response tactics, search for unpatched systems, use social media to learn about its employees and their normal behavior and go as far as researching business partners, recent acquisitions, and every other third party that could lead to a successful compromise.
As organizations digitally accelerate their business and deploy hybrid IT architectures that increase the attack surface, identifying and mitigating these threats is becoming increasingly difficult, Fortinet said.
In response to the speed of threats, cybersecurity best practices have evolved from timely assessments to continuous monitoring, ongoing assessments, and continuous improvements to an organization’s security posture.
Company. Safety posture. With the introduction of FortiRecon, Fortinet provides business organizations with a tool to understand how the adversary sees an organization from the outside, to educate cybersecurity teams, the C-level, and risk and compliance management on prioritizing risk and improving overall business operations.
FortiRecon provides companies with consistent and comprehensive coverage in three areas:
Monitoring external attack surfaces: enables organizations to understand their risk profile and mitigate risk early. Provides an exterior view of an organization and its subsidiaries to identify exposed known and unknown assets and associated vulnerabilities and prioritize remediation of critical issues.
EASM identifies servers, credentials, misconfigurations of public cloud services, and even vulnerabilities in third-party software code that malicious actors can exploit.
Brand Protection: Enables organizations to protect their brand and identify risks to their customers. Proprietary algorithms detect web-based typo-squatting, defacements, phishing impersonations, rogue mobile apps, credential leaks, and social media brand impersonation, all common techniques used by cyber threat actors.
The early detection of malicious activity enables teams to take rapid action (such as removing a website or application) to stop and prevent damage.
Adversary Intelligence: Increase the security awareness of an organization’s SOC team with industry and geographic coverage to understand their attackers better and protect assets.
FortiGuard Labs cybersecurity experts assess the underground and immediate threat risks posed by active cybercriminals to an individual company by proactively monitoring public and private forums, open source, the dark web, and other cybercriminal domains. By participating in human intelligence gathering, FortiGuard Labs experts assess and manage custom threat intelligence with recommendations specific to business, industry, and geography.
John Maddison, EVP of Products and CMO for Fortinet, said: “The earlier in the attack cycle you identify and stop an opponent, the less costly and damaging their actions are. Using a powerful combination of human and artificial intelligence, FortiRecon organizations gain insight into what opponents see, do, and plan.
“FortiRecon’s vendor-agnostic SaaS delivery model coupled with an intuitive interface and easily digestible reports enable executives across the organization to quickly understand the risks to their business, data, and brand reputation, while our team of cybersecurity experts from FortiGuard Labs offerings improve with removal services, guidance on prioritizing recovery efforts, and targeted research and threat intelligence.”
For partners, FortiRecon can be sold on top of the Fortinet Security Fabric or as a standalone, vendor-independent solution that delivers digestible reports and empowers their customers to understand the risks to their business, data, and brand reputation. FortiRecon also expands the risk categories for which partners can provide customers with insights and increases the likelihood of winning new customers who have only invested in more traditional security solutions, the company said.
FortiRecon complements Fortinet’s portfolio of early detection and advanced response products, including FortiNDR, FortiXDR, FortiDeceptor, in-line sandboxing, and advanced automation with FortiAnalyzer, FortiSIEM, and FortiSOAR.